16-31 July Cyber Attacks Timeline

I am back from my summer holiday and can finally publish the second timeline of July, covering the main cyber attacks that occurred between July 16 and July 31. I do not think I have seen so many events in a while, as I have collected 81 events in this fortnight.

I really don’t know where to start, since the number of events is really noticeable, as is their impact, which in most cases is quite important.

So this fortnight has seen some mega breaches: the most important affected Singapore’s largest health care group, SingHealth, which had the records of 1.5 million patients compromised, but UnityPoint Health was also severely hit, with 1.4 million patients who had their information breached after a phishing attack.

Millions of dollars were also stolen in this fortnight: from traditional banks like the National Bank of Blacksburg ($2.4 million in two separate cyber attacks) and the PIR Bank of Russia ($1 million thanks to an unpatched router), and even from crypto startups like KICKICO (the equivalent of $7.7 million in crypto tokens gone).

Another interesting event is a massive SIM hijacking operation, with the alleged authors (arrested by the California authorities) able to steal a staggering $5 million in cryptocurrencies from around 40 victims.

Don’t make the mistake of believing that the massive breaches end here! This timeline is really too long to summarize, so my advice is to read it all and realize the fragility of our identity inside cyberspace. You may also want to have a look at the timelines of the main Cyber Attacks in 2011, 2012, 2013, 2014, 2015, 2016, 2017 and now 2018 (regularly updated… Hopefully!). And do not forget the Cyber Attack Statistics that are regularly published, and follow @paulsparrows on Twitter for the latest updates.

Last but not least, feel free to submit remarkable incidents that in your opinion deserve to be included in the timelines (and charts). If useful, you can access the timeline in Google Sheet format.

| ID | Date | Author | Target | Description | Attack | Target Class | Attack Class | Country |
|---|---|---|---|---|---|---|---|---|
| 1 | 12/07/2018 | Joel Ortiz | Around 40 victims | California authorities arrest Joel Ortiz, a 20-year-old college student, who hijacked more than 40 phone numbers and stole $5 million in bitcoins and other crypto currencies. | SIM Hijacking | X Individual | CC | US |
| 2 | 15/07/2018 | ? | Mahatma Gandhi Mission Hospital | The Mahatma Gandhi Mission Hospital in Mumbai is hit by a ransomware attack. | Malware | Q Human health and social work activities | CC | IN |
| 3 | 16/07/2018 | ? | Mega | Thousands of credentials for accounts associated with New Zealand-based file storage service Mega are published online. The text file contains over 15,500 usernames, passwords, and files names. | Credential Stuffing | J Information and communication | CC | NZ |
| 4 | 16/07/2018 | ? | LabCorp | LabCorp, the US' biggest blood testing laboratories network, announces that hackers breached its IT network over the weekend. | Unknown | Q Human health and social work activities | CC | US |
| 5 | 16/07/2018 | Andariel Group | South Korean targets | Researchers from Trend Micro discover a new campaign from the Andariel Group carried out via the injection of a malicious script into four compromised South Korean websites for reconnaissance purposes. | Targeted Attack | O Public administration and defence, compulsory social security | CE | KR |
| 6 | 16/07/2018 | ? | Sunspire Health | Sunspire Health notifies an undisclosed number of individuals after several employee email accounts were accessed in a phishing attack between March 1, 2018 and May 4, 2018. | Account Hijacking | Q Human health and social work activities | CC | US |
| 7 | 16/07/2018 | ? | University of Pittsburgh Medical Center - Cole | UPMC Cole has notified 790 patients treated at UPMC Cole that their personal information may have been inappropriately accessed after two phishing attacks on June 7 and June 14. | Account Hijacking | Q Human health and social work activities | CC | US |
| 8 | 16/07/2018 | ? | City of Bozeman | The city of Bozeman says some customers that used its Click2Gov utility payment system in 2017 may have had their credit information stolen. | Vulnerability | O Public administration and defence, compulsory social security | CC | US |
| 9 | 16/07/2018 | ? | Single Individuals | Researchers from Kromtech discover an automated operation aimed to launder money from stolen credit cards, buying and selling goods for three popular games: Clash of Clans, Clash Royale, Marvel Contest of Champions. | Account Hijacking | X Individual | CC | >1 |
| 10 | 16/07/2018 | ? | Southern College of Optometry | The Southern College of Optometry notifies an undisclosed number of students whose student loan information and Social Security numbers were in an employee email account that was hacked | | | | |